> On 16 mrt 2008, at 2:16, Mark Andrews wrote: > > > Enable DNSSEC validation on the network's servers. At a > > minimum make them DNSSEC transparent. > > > Is there any software out there for common OSes that does something > useful with this? Yes. It is also useful in its own right by protecting the down stream clients. Note: DNSSEC validation in the recursive resolver is stage 1 of DNSSEC deployment. > A more interesting experiment would be to do away with SSL for a bit > and use IPsec instead. But I think we're far from being finished with > IPv6. Nearly all IETF mailinglists are still hosted on IPv4-only > servers, to name just one issue. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@xxxxxxx _______________________________________________ IETF mailing list IETF@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf